AWS Security tools Bunch of scripts for AWS Pentest lambda/lambda_dumper.py – Script to Dump AWS Lambda functions lambda/lambda_backdoor.py – Backdoor AWS users iam/iam_user_enum – Bruteforce IAM usernames iam/assume_role_enum – Enumerate and Assume IAM Roles for privilege escalation eks/k8s_secrets_dumper.py – Kubernetes Secrets Dumper eks/pod_to_node_escape – Escape form k8s pod to the underlying container Read more…
What is UAC? UAC (User Account Control) is a security feature, introduced from Windows 7 and onward versions of Windows. This prevents that even a local administrator account can’t execute changes to operating system, unless the user specifically chooses to. It is very common to see desktop users working with Read more…
This script tests if APs are affected by CVE-2017-13082 (KRACK attack). See the KRACK attack website for details and also read the research paper. CVE-2017-13082: Key Reinstall in FT Handshake (802.11r) Access Points (APs) might contain a vulnerable implementation of the Fast BSS Transition (FT) handshake. More precisely, a retransmitted or replayed Read more…
Are you trying to know the Username and Password for any FB Account but you don’t want to hack their Account?That is possible!! Facebook is the most popular social media network on which about the whole world might have it’s own different accounts.People could also make multiple accounts help manage Read more…
Bypass Antivirus & Exploit Windows Using PowerShell Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code on the target system. Failed attacks will cause denial of service conditions. Affected Version Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows Read more…
ABOUT Finsploit is a simple bash script to quickly and easily search both local and online exploit databases. This repository also includes “copysploit” to copy any exploit-db exploit to the current directory and “compilesploit” to automatically compile and run any C exploit (ie. ./copysploit 1337.c && ./compilesploit 1337.c). For updates Read more…
smb-vuln-ms17-010.nse nmap nse script description Attempts to detect if a Microsoft SMBv1 server is vulnerable to a remote code execution vulnerability (ms2017-010). The script connects to the $IPC tree, executes a transaction on FID 0 and checks if the error “STATUS_INSUFF_SERVER_RESOURCES” is returned to determine if the target is not patched against Read more…
An Advanced Wireless Network Scan and Attack Script NETATTACK 2 is a python script that scans and attacks local and wireless networks. Everything is super easy because of the GUI that makes it unnecessary to remember commands and parameters. FUNCTIONS SCAN-FUNCTIONS Scan for Wi-Fi networks Scan for local Read more…
This method is valid even for systemd-based distributions. In order for this method to work, you must grant execute permissions to /etc/rc.d/rc.local as follows: # chmod +x /etc/rc.d/rc.local and add your script at the bottom of the file. The following image shows how to run two sample scripts (/home/gacanepa/script1.sh and Read more…